10
CVSSv2

CVE-2013-6343

Published: 22/01/2014 Updated: 31/12/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote malicious users to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.

Affected Products

Vendor Product Versions
AsusRt-ac66u Firmware3.0.0.4..374 979
AsusRt-n56u Firmware3.0.0.4..374 979
AsusTm-ac1900 Firmware3.0.0.4..374 979

Exploits

#!/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl # [*] Title: ASUS RT-N56U Remote Root Shell Exploit - apps_name # [*] Discovered and Reported: October 2013 # [*] Discovered/Exploited By: Jacob Holcomb/Gimppy - Security Analyst @ ISE # [*] Contact: Twitter - @rootHak42 # [*] So ...

Mailing Lists

ASUS RT-N56U remote root shell buffer overflow exploit Written in python ...